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CLAIMS 

What is claimed is: 

1. A system for supporting a messaging service, comprising: 

a first translation gateway for use between (a) a customer data network 
that is accessed, by those authorized by a customer of the messaging service, to 
receive a message via a client process, and (b) a hostile data network, the 
gateway having translation functionality that is applied to a plurality of 
inbound messages, arriving via a hostile network, in a manner that is 
transparent to recipients of said inbound messages who experience the 
messages via a plurality of client processes running in the customer network; 
and 

a second translation gateway for use between (a) the hostile data 
network and (b) a network of a provider of said messaging service, wherein 
said service provider network implements a distributed interface to a 
telephony network from which the inbound messages originate, the second 
gateway to forward the inbound messages to the first gateway through the 
hostile network in a manner that precludes unauthorized access to the content 
of the inbound messages. 

2. The system of claim 1 wherein the first translation gateway is 
administered by the customer. 

3. The system of claim 2 wherein the second translation gateway is 
administered by the customer. 

4. The system of claim 3 wherein the intermediate network is the Internet. 

5. The system of claim 4 wherein the inbound messages originate as 
facsimile messages. 

6. The system of claim 4 wherein the inbound messages originate as voice 
messages. 

7. The system of claim 2 wherein the first translation gateway and the 

second translation gateway are nodes of a virtual private network (VPN) so 
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that the inbound messages can be passed between the first and second 
gateways through a VPN tunnel. 

8. The system of claim 2 wherein the second gateway is to use public keys 
to encrypt the inbound messages before sending them to the first gateway via 
the hostile network, and the first gateway is to use private keys to decrypt the 
inbound messages prior to forwarding them to the plurality of client processes. 

9. The system of claim 2 wherein the first gateway includes further 
translation functionality that is applied to outbound messages, originating with 
the plurality of client processes in the customer network and addressed to the 
service provider network, in a manner that is transparent to users of the 
plurality of client processes, 

and wherein the first translation gateway is designed to then forward 
the outbound messages to the second translation gateway through the hostile 
data network. 

10. The system of claim 9 wherein the outbound messages are addressed to 
outbound, circuit switched network addresses, and contain one of voice and 
facsimile data, the service provider network implements a distributed interface 
to a telephony network for transmitting the outbound messages to the their 
outbound, circuit switched network addresses. 

11. The system of claim 2 wherein Internet Protocol (IP) addresses for nodes 
in the service provider network are assigned by the service provider and not by 
the customer, and IP addresses for nodes in the customer data network are 
assigned by the customer and not by the service provider. 

12. The system of claim 1 wherein the first and second translation gateways 
are to exchange a set of security certificates, wherein all of the plurality of 
inbound messages, received on behalf of a given corporate customer over a 
plurality of different circuit-switched network addresses, respectively, are 
encrypted by the second translation gateway using the set of certificates. 
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13. A system for supporting a messaging service, comprising: 

a first translation gateway for use between a) a customer data network 
that is administered by a customer of the messaging service and not by a 
provider of the messaging service and b) a hostile data network; and 

a second translation gateway for use between a) the hostile data network 
and b) a service provider network that is administered by the provider and not 
by the customer, 

wherein the service provider network implements a distributed 
interface to a telephony network into which a message, that originates in the 
customer data network and arrives via the first translation gateway and the 
hostile network, is transmitted by the interface, 

the first gateway having translation functionality that is applied to a 
plurality of outbound messages originating from a plurality of client processes 
in the customer network, in a manner that is transparent to users of said 
plurality of client processes, the plurality of outbound messages being 
addressed to the service provider network, and 

the first gateway being designed to then forward the plurality of 
outbound messages to the second translation gateway through the hostile data 
network. 

14. The system of claim 13 wherein the first and second gateways are 
administered by the customer and not by the service provider. 

15. The system of claim 13 wherein the first gateway is administered by the 
customer and not the service provider, while the second gateway is 
administered by the service provider and not the customer. 

16. The system of claim 14 wherein the message that is to be transmitted by 
the interface is a facsimile message. 

17. The system of claim 15 wherein the message that is to be transmitted by 
the interface a facsimile message. 

18. The system of claim 13 wherein the plurality of client processes are 
associated with a plurality of different, customer-authorized users of said 
processes, respectively, 
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and wherein the translation functionality applied to the outbound 
messages by the first gateway includes an encryption key that is used to 
encrypt every one of the plurality of outbound messages which are addressed 
to the service provider network. 

19. The system of claim 13 wherein the plurality of outbound messages 
have been addressed to circuit-switched network addresses of the telephony 
network, before they arrive at the first gateway. 

20. A method for providing a secure messaging service, comprising: 
assigning a separate set of circuit switched network addresses to each of 

a plurality of corporate subscribers of the messaging service, some of the sets of 
circuit switched network addresses being in different countries; 

associating the set of circuit switched network addresses for each 
subscriber with an internet domain of said subscriber; 

receiving one of a) an inbound fax message and b) an inbound voice 
message that has been addressed to one of the set of circuit switched network 
addresses of a given subscriber; and 

transferring the inbound message to a first translation gateway that is 
configured to service the given subscriber, wherein the inbound message is 
addressed to the internet domain of the given subscriber; and 

sending from the first translation gateway the inbound message to a 
predefined port of a second translation gateway in a privacy-maintaining 
manner over a hostile data network of which the first and second translation 
gateways are separate nodes, wherein the second translation gateway is 
administered by the given subscriber and is to forward the inbound message to 
an affiliate of the given subscriber over an internal data network of the given 
subscriber of which the second translation gateway is a node. 

21. The method of claim 20 wherein the receipt of the inbound message and 
the transfer of the inbound message occur in an internal data network of a 
provider of the messaging system. 

22. The method of claim 21 wherein the second translation gateway is to 
forward the inbound message to the affiliate via an email server that is a node 
of the given subscriber's data network. 
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23. The method of claim 20 further comprising: 

obtaining an outbound message at the first translation gateway, wherein 
the outbound message originated with an affiliate of the given subscriber and 
was addressed to an internet domain of a provider of the messaging service 
with whom the given subscriber has a service contract for secure messaging 
services, the outbound message having been transferred by the second 
translation gateway to the first translation gateway in a privacy-maintaining 
manner over the hostile data network; 

verifying that an account of the given subscriber is current, in response 
to obtaining the outbound message; and 

forwarding the outbound message by the first translation gateway to an 
outbound resource of the service provider over an internal data network of the 
service provider of which the first translation gateway and the outbound 
resource are separate nodes, wherein the outbound resource is capable of 
translating the outbound message into a format that can be transmitted to one 
of a) a facsimile machine and b) a telephone unit, over a telephony network. 

24. A method for operating a message delivery service, comprising: 
associating a separate set of data network source address names to each 

of a plurality of different, group subscribers of the message delivery service, 
wherein each group subscriber has entered into a service contract with a 
provider of the message delivery service; 

instructing a given one of the plurality of group subscribers to configure 
a first translation gateway administered by the given group subscriber, so that 
the first gateway applies a translation function to any outbound message that 
originates in an internal data network of the given group subscriber and that is 
addressed to a specified, internet domain of the service provider, the 
translation function being designed to ensure privacy of an outbound message 
as it travels through a hostile data network; 

verifying that an account of the given group subscriber is current in 
response to receiving an outbound message that originated in the internal data 
network of the given group subscriber and that traveled through the hostile 
data network before arriving at a second translation gateway; and 
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forwarding the received outbound message from the second translation 
gateway to an outbound resource, wherein the second translation gateway and 
the outbound resource are different nodes of an internal data network of the 
service provider, and wherein the outbound resource is to transmit the 
received outbound message to a circuit-switched network address of a 
recipient. 

25. The method of claim 24 further comprising: 

instructing the given group subscriber to further address any outbound 
message that originates in its internal data network and that is addressed to the 
specified, internet domain of the service provider, to a circuit-switched 
network address of a recipient. 

26. A system for providing a messaging service, comprising: 

a media server to capture an inbound message that has been addressed 
to a circuit switched network address assigned to a subscriber of the service, 
the server being a node of a private data network of a provider of the service; 

a storage device within the private data network, to store the captured 
inbound message for the subscriber; and 

a messaging application server being a further node of the private data 
network, to send a resource locator link over a hostile data network to a data 
network address of the subscriber, wherein the stored inbound message is then 
sent to a client process, used by the subscriber, in response to the link being 
invoked by the subscriber, and wherein the stored inbound message is sent, 
under the direction of the messaging application server, over the hostile data 
network and in a manner that maintains the privacy of the message. 

27. The system of claim 26 wherein the link is a Secure Sockets Layer (SSL) 
Universal Resource Locator (URL) link. 

28. The system of claim 26 wherein the messaging application server is to 

authenticate the subscriber via the client process in response to the link being 

invoked by the subscriber, prior to sending the stored inbound message to the 

client process in accordance with a Secure Socket Layer (SSL) protocol, and 

wherein security certificates are not exchanged between the messaging 

application server and the client process. 
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29. The system of claim 26 wherein the data network address is an email 
address of the subscriber, and the client process is a Web browser being 
executed in a notebook computer. 

30. The system of claim 26 wherein the circuit switched network address 
assigned to the subscriber is a landline telephone number. 

31. An article of manufacture, comprising: 

a machine-readable medium having data stored therein that when 
accessed by a processor receives an indication, over a private data network of a 
messaging service provider, that an inbound message, addressed to a circuit 
switched network address assigned by the service provider to a subscriber who 
pays the service provider for a secure messaging service, has been received for 
the subscriber, and in response sends a resource locator link over a hostile data 
network to a client process of the subscriber, and then sends the inbound 
message from storage in the private data network to a data network address of 
the subscriber in response to the link being invoked by the subscriber, wherein 
the inbound message is encrypted before being sent over the hostile data 
network to the subscriber's data network address. 

32. The article of manufacture of claim 31 wherein the data is to treat the 
link as being a Secure Sockets Layer (SSL) Universal Resource Locator (URL) 
link. 

33. The article of manufacture of claim 31 wherein the medium has further 
data that authenticates the subscriber, without exchanging security certificates 
with a client process of the subscriber, in response to the link being invoked by 
the subscriber, prior to sending the stored inbound message in accordance with 
a Secure Socket Layer (SSL) protocol. 

34. The article of manufacture of claim 31 wherein the data is to treat the 
client process that receives the link as an email client, and the data network 
address as that of a Web browser of the subscriber. 

35. The article of manufacture of claim 31 wherein the circuit switched 
network address assigned to the subscriber is a landline telephone number. 
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